Signal Sciences Case Studies Defending Remitly's Digital Transactions with Signal Sciences

	Defending Remitly's Digital Transactions with Signal Sciences Signal Sciences

Defending Remitly's Digital Transactions with Signal Sciences

Signal Sciences

Technology Category	Infrastructure as a Service (IaaS) - Private Cloud Infrastructure as a Service (IaaS) - Public Cloud
Applicable Industries	Finance & Insurance National Security & Defense
Applicable Functions	Quality Assurance
Use Cases	Traffic Monitoring Transportation Simulation
Challenge	Remitly, the largest independent digital remittance company in the United States, was faced with the challenge of protecting its proprietary global transfer network. The company needed a technology that could satisfy PCI requirements and protect customers’ sensitive transactions through its mobile application. Remitly deals with irregular traffic patterns, which posed a significant challenge. For instance, they once observed a spike in account transfers all happening from a small network segment on the Pacific coastline of South America. The company had to determine if this traffic indicated an attack or valid requests, and do so in real time. Allowing the traffic carried the risk that the transactions were malicious, requiring Remitly to reimburse the cost of the fraudulent transfers. A traditional web application firewall (WAF) would have no way of distinguishing this traffic, leaving customers frustrated if they chose to blacklist the IP. Read More
About Customer	Remitly is the largest independent digital remittance company headquartered in the United States. The company enables immigrant communities to send and receive money across borders more simply and at a lower cost. Remitly transfers over $5 billion in annualized volume from its customers in the United States, United Kingdom, Canada, and Australia to loved ones throughout the world. The company operates public facing endpoints and applications for their customers as well as private endpoints that are for internal employees. Read More
Solution	Remitly implemented Signal Sciences to instrument and defend their web applications and APIs. This solution was able to block malicious traffic and allow good traffic through from the same network range or IP. For instance, the spike in activity on the Pacific coastline turned out to be requests from their customers who earn their living out at sea. Signal Sciences provided the needed visibility to help the team determine these were legitimate requests, and not an attack. Remitly also needed a WAF for PCI compliance, but they wanted to protect the entire site and not just the portion of the application that deals with credit cards. Signal Sciences Power Rules allowed them to easily add in instrumentation and defense where they needed it without the complex regex rules found in other products. Furthermore, Signal Sciences provides a flexible architecture that allows them to get running in production and tie into their proxy layers for both private and public networks with ease. Read More Log in to view content
Contents

Technology Category

Infrastructure as a Service (IaaS) - Private Cloud

Infrastructure as a Service (IaaS) - Public Cloud

Applicable Industries

Finance & Insurance

National Security & Defense

Applicable Functions

Quality Assurance

Use Cases

Traffic Monitoring

Transportation Simulation

Challenge

Remitly, the largest independent digital remittance company in the United States, was faced with the challenge of protecting its proprietary global transfer network. The company needed a technology that could satisfy PCI requirements and protect customers’ sensitive transactions through its mobile application. Remitly deals with irregular traffic patterns, which posed a significant challenge. For instance, they once observed a spike in account transfers all happening from a small network segment on the Pacific coastline of South America. The company had to determine if this traffic indicated an attack or valid requests, and do so in real time. Allowing the traffic carried the risk that the transactions were malicious, requiring Remitly to reimburse the cost of the fraudulent transfers. A traditional web application firewall (WAF) would have no way of distinguishing this traffic, leaving customers frustrated if they chose to blacklist the IP.

About Customer

Remitly is the largest independent digital remittance company headquartered in the United States. The company enables immigrant communities to send and receive money across borders more simply and at a lower cost. Remitly transfers over $5 billion in annualized volume from its customers in the United States, United Kingdom, Canada, and Australia to loved ones throughout the world. The company operates public facing endpoints and applications for their customers as well as private endpoints that are for internal employees.

Solution

Remitly implemented Signal Sciences to instrument and defend their web applications and APIs. This solution was able to block malicious traffic and allow good traffic through from the same network range or IP. For instance, the spike in activity on the Pacific coastline turned out to be requests from their customers who earn their living out at sea. Signal Sciences provided the needed visibility to help the team determine these were legitimate requests, and not an attack. Remitly also needed a WAF for PCI compliance, but they wanted to protect the entire site and not just the portion of the application that deals with credit cards. Signal Sciences Power Rules allowed them to easily add in instrumentation and defense where they needed it without the complex regex rules found in other products. Furthermore, Signal Sciences provides a flexible architecture that allows them to get running in production and tie into their proxy layers for both private and public networks with ease.

Impact #1	With Signal Sciences in place, Remitly was able to effectively defend their web applications and APIs without creating false positives or blocking their customers’ traffic. The solution provided the necessary visibility to distinguish between legitimate and malicious requests, even when they came from the same network range or IP. This was particularly useful in situations where there was a spike in activity, such as the one observed on the Pacific coastline. Furthermore, Signal Sciences Power Rules allowed Remitly to easily add in instrumentation and defense where they needed it, without the need for complex regex rules. The flexible architecture of Signal Sciences also allowed Remitly to tie into their proxy layers for both private and public networks with ease, thereby protecting all their applications and endpoints.

Impact #1

With Signal Sciences in place, Remitly was able to effectively defend their web applications and APIs without creating false positives or blocking their customers’ traffic. The solution provided the necessary visibility to distinguish between legitimate and malicious requests, even when they came from the same network range or IP. This was particularly useful in situations where there was a spike in activity, such as the one observed on the Pacific coastline. Furthermore, Signal Sciences Power Rules allowed Remitly to easily add in instrumentation and defense where they needed it, without the need for complex regex rules. The flexible architecture of Signal Sciences also allowed Remitly to tie into their proxy layers for both private and public networks with ease, thereby protecting all their applications and endpoints.

Download PDF Version

Overview

Defending Remitly's Digital Transactions with Signal Sciences

Operational Impact